Closing Date : 30/04/2026

Regional Assistant Manager - IT Audit  

Position Responsibilities

To lead and execute IT audit activities that evaluate IT controls, cybersecurity, and technology risks, ensuring systems are secure, compliant, and aligned with the organization’s governance and risk management framework.

IT & Digital Audit
  • Conduct audits across core IT systems including POS, inventory management, payment platforms, mobile apps, and loyalty programs.
  • Evaluate the design and operational effectiveness of IT general controls (ITGCs) and application controls.
  • Audit digital platforms (e.g., online ordering, kiosk systems) for reliability, security, and compliance.
Risk & Compliance
  • Identify key risks in technology-related processes and infrastructure (e.g., cybersecurity, data privacy, system availability).
  • Assess compliance with industry regulations such as PCI DSS, GDPR, local data protection laws, and internal IT policies.
Operational Review
  • Analyze tech-driven operations such as supply chain management, cold chain monitoring, vendor systems, etc.
  • Review the integration and performance of ERP and POS systems (e.g., Oracle, SAP, Microsoft Dynamics, Toast, Revel).
Cybersecurity and Data Integrity
  • Perform IT security audits focusing on access controls, network security, and incident response.
  • Test controls around customer data protection and payment processing systems.
Reporting & Recommendations
  • Prepare clear, concise audit reports highlighting issues, risks, and actionable recommendations.
  • Collaborate with IT, operations, and compliance teams to follow up on remediation plans.

Qualification and Experience

  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
  • 3–7 years of experience in IT audit, preferably in retail or F&B environments.
  • Experience with technology frameworks (e.g., COBIT, ISO 27001, NIST) and audit tools (e.g., ACL, IDEA, or GRC platforms).
  • CISA (Certified Information Systems Auditor), CISSP, CRISC, or relevant cybersecurity certifications are a plus.
  • Strong understanding of retail technology (POS, ERP, payment systems, customer apps)
  • Analytical and risk-based auditing approach
  • Knowledge of cloud environments (e.g., AWS, Azure) and SaaS applications
  • Ability to communicate technical issues in business language
  • Familiarity with data analytics and scripting (e.g., SQL, Python – optional)
  • Demonstrate strong communication skill, possess good report writing skill and audit presentation skills.
  • Expertise in identifying, assessing, and mitigating risks related to IT.
  • Possess positive attitude, hardworking and willing to take challenges and strives to maintain a good working relationship with team members and auditees.
  • Able to work independently and deliver within the timeline given.
  • Able to travel within Malaysia and overseas on short assignments.

a Necessity, not a Luxury